Filtered by vendor Targit Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-36427 1 Targit 1 Decision Suite 2024-11-21 8.1 High
The file-serving function in TARGIT Decision Suite before 24.06.19002 (TARGIT Decision Suite 2024 – June) allows authenticated attackers to read or write to server files via a crafted file request. This can allow code execution via a .xview file.
CVE-2024-36426 1 Targit 1 Decision Suite 23.2.15007.0 2024-11-21 7.5 High
In TARGIT Decision Suite 23.2.15007.0 before Autumn 2023, the session token is part of the URL and may be sent in a cleartext HTTP session.